2.3 Test Server Connection Signature Validation

Here is the professionally formatted section for 2.3 – Test Server Connection Signature Validation:

---

2.3 Test Server Connection Signature Validation

---

Requirement Description

Verify that the firmware applications validate the digital signature of server connections, ensuring authenticity and integrity of server-side data during communication.

---

DUT Confirmation Details

(To be filled based on OEM-provided inputs, e.g., model name, ID, manufacturer confirmation statements)

---

DUT Software Details

(To be filled based on OS/firmware version, application modules, and related packages)

---

Hash Checksum Verification for DUT’s Software Image

(Include SHA256/SHA512 hash verification value here)

---

DUT Configuration

(Brief description of network configuration, authentication settings, TLS stack, firewall policies etc.)

---

Pre-Conditions

The vendor shall provide the following documentation:

• A detailed use-case document specifying instances where the DUT establishes outbound server connections.

• A description of digital signature validation mechanisms (e.g., certificate pinning, mutual TLS, HMAC validation).

• Any security controls or APIs implemented to handle signature verification during server communication.

---

Test Plan Overview

Test Case ID	Test Name
BIS-2.3.1	TC_VALIDATE_SIGNATURE_VALID
BIS-2.3.2	TC_VALIDATE_SIGNATURE_INVALID
BIS-2.3.3	TC_VALIDATE_SIGNATURE_EXPIRED
BIS-2.3.4	TC_VALIDATE_SIGNATURE_MISSING
BIS-2.3.5	TC_VALIDATE_SIGNATURE_ON_SERVER_RESPONSE_CONTENT

---

Test-bed Diagram with Interfaces and IPs

(Provide a network diagram indicating DUT, test server, MITM/Intercept tools, signature manipulation tools, IPs/subnets used in testing.)